Thu February 6, 2014

Sniper Attack On Power Station Highlights Grid's Vulnerability

Warning that no single authority can order utilities to beef up security at their facilities, the former head of the Federal Energy Regulatory Commission continues to raise the alarm about a sniper attack last April on an electric power station in San Jose, Calif.. He says it highlights the vulnerability of the nation's power grid and that more needs to be done to protect that infrastructure.

"Just because they didn't succeed this time" in causing a major power outage "doesn't mean someone might not succeed next time," Jon Wellinghoff tells NPR's Renee Montagne. He was speaking about those responsible for the damage done to equipment at the lightly protected facility.

Wellinghoff has been outspoken in recent days about his view that the attack — which until December had gone largely unreported — reveals a dangerous lack of security around key parts of the nation's power grid. "We need to start putting in place mitigation measures," he tells Renee during a conversation recorded for Friday's Morning Edition. Among those measures could be something as simple as putting concrete barriers in front of transformers so they can't be shot at from outside power stations.

The power station attacked in San Jose was surrounded by a chain link fence. There were no guards there, though there was at least one surveillance camera.

Wellinghoff also says that his former agency, which regulates the interstate transmission of electricity, natural gas, and oil, does not have the authority to tell utilities to take specific actions to boost security at their facilities. "Some agency," he says, has to be put in charge of putting such a plan together and making sure utilities follow through.

After the attack in San Jose, Wellinghoff says, he went to the scene with a team of Defense Department specialists who train special forces personnel. They found evidence of pre-planning — including piles of stones to apparently mark locations from which to shoot. The specialists also told Wellinghoff it's their opinion that a lookout monitored police radio traffic — and raised an alert as officers came near. Otherwise, Wellinghoff says, shots might have taken out three more transformers and power to Silicon Valley might have been threatened.

The local utility, PG&E, was able to reroute power during the incident. It was aided by the timing of the attack — just before 2 a.m. on a spring night, when demand for electricity was relatively low. PG&E says there was never any immediate danger of a blackout.

Other experts have been quoted as being less concerned than Wellinghoff about such an attack's potential to do damage to the local or national power grid. Gerry Cauley, chief executive of the standard-settings group North America Electric Reliability Corp., tells the Journal that most customers would have their electricity back on within hours even if several substations were disabled at the same time.

There have been no arrests. The motive for the attack, if there was one, isn't known. The Mercury News reminds readers Thursday that "the FBI says there is no evidence that terrorists were involved." The newspaper adds that "PG&E spokesman Brian Swanson declined to discuss the matter in detail or comment on whether officials at the San Francisco-based utility believe terrorists were involved."

As we said, Wellinghoff's conversation with Renee is due to be on Friday's Morning Edition. Click here to find an NPR station that broadcasts or streams the show.

Copyright 2014 NPR. To see more, visit http://www.npr.org/.

Transcript

RENEE MONTAGNE, HOST:

New details emerged this week in the Wall Street Journal, about a rather startling attack by gunmen on a power substation in the San Francisco Bay area.

DAVID GREENE, HOST:

Last spring, in the middle of the night, snipers systematically shot up transformers that provide power to Silicon Valley. The FBI says it does not think a terrorist organization was behind it, but investigators still have no suspects.

MONTAGNE: And among the voices raising concerns about the physical security of the nation's power supply is the man who oversaw the grid until very recently. Jon Wellinghoff was the head of the Federal Energy Regulatory Commission at the time of the attack. He walked the site with his team from FERC and people from the Department of Defense. We called him to talk about it.

Thank you for joining us.

JON WELLINGHOFF: Thank you, Renee.

MONTAGNE: Now, vandalism, attacks on utility equipment happens every few days somewhere in the U.S. What is it about this attack in particular that has had you worried?

WELLINGHOFF: Yes. There are many physical attacks on the grid of various kinds, but this one was different in the sense that it was extremely sophisticated and it was obviously the work of people who had a very high level of training and understanding of our grid system.

MONTAGNE: What about it says to you this is a sophisticated group that did this?

WELLINGHOFF: Well, they knew to cut communications cables that would've carried 911 calls. And then they set up specific targeting positions and actually had someone signaling them to start firing and then signaled them 70 seconds before the police arrived to stop firing and to leave the area. In addition, they were using AK47-type weapons and they were firing these weapons 40 to 60 yards from their targets at night with muzzle flash in their face and they hit their targets 110 out of 120 times.

You don't do that unless you're extremely well trained.

MONTAGNE: Are you saying that this might be a small act of terrorism?

WELLINGHOFF: Well, what I'm really saying here is this was an act that obviously was perpetrated by individuals who were very well trained and what it does primarily is point out the physical vulnerability of our grid.

MONTAGNE: Well, I just want to interject here, though, that this attack - there was no blackout. The power was rerouted from other parts of the grid. It was very well contained.

WELLINGHOFF: The California ISO - Independent System Operator - was able to keep up the grid, number one, because this was a time of very low power usage. It was during April at night. In the middle of summer you might get a completely different result. And they did not knock out the entire substation. Three of transformers stayed up.

Again, it does not mean that if someone had a intent to do us severe harm and they were successful in knocking out a power substation and multiple substations, that you wouldn't see a very severe outage. And you can then relate this to the 2003 blackout. That was a touch of a tree, one tree on one line, that knocked out the entire northeast United States, 50 million people, for three or four days.

MONTAGNE: But may I ask - since that 2003 power outage haven't a lot of these redundancies been put into place?

WELLINGHOFF: No, there haven't been redundancies put in place. Congress under the 2005 Energy Policy Act passed a law that gave FERC the authority to put in place rules for reliability for the grid. Those rules are not set up to address immediate threats and vulnerabilities. The case still is - we have a number of critical nodes in this country and if they were taken out by a physical attack those areas of the country would go black.

MONTAGNE: Well, just finally, do you think the utilities themselves are taking this seriously enough?

WELLINGHOFF: Oh, I think they're taking it seriously and trying to do what they can, but they have multiple competing requirements for their dollars. Cyber security is one which has been talked about a lot, although I think this physical security issue is much more important than cyber security, personally. So to make this a priority it should be a national priority because it is, I think, a very critical one from a standpoint of physical security and maintaining the reliability of the grid.

MONTAGNE: Jon Wellinghoff spent several years as the head of the Federal Energy Regulatory Commission until last November. He was talking to us about the attack last spring, by snipers, on a power substation near Silicon Valley. Thank you very much.